PT-2026-4429

Name of the Vulnerable Software and Affected Versions Livemesh Addons for WPBakery Page Builder versions through 3.9.4 Description The software contains a flaw related to improper input handling during web page creation, which can lead to Stored Cross-site Scripting XSS. This means that malicious...

EUVD-2025-21613

Malicious code in bioql PyPI...

CVE-2025-53564

CVE-2025-53564: LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon (<= 2.5) suffers Reflected XSS due to improper input neutralization during page generation. Affected versions are

CVE-2025-53564 WordPress HTML5 Radio Player - WPBakery Page Builder Addon <= 2.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbgradioplayeraddonvisualcomposer allows Reflected XSS.This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a...

CVE-2025-31070

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in LambertGroup HTML5 Radio Player - WPBakery Page Builder Addon lbg-cleverbakery allows Path Traversal.This issue affects HTML5 Radio Player - WPBakery Page Builder Addon: from n/a through = 2.5...

CVE-2025-39410

CVE-2025-39410 describes a deserialization of untrusted data vulnerability in the WordPress plugin “Smart Sections Theme Builder – WPBakery Page Builder Addon” (versions up to 1.7.8). Public data in the connected documents confirms a PHP Object Injection flaw that affects this addon, with CVSS v3...